From d3656a1a9618daefaeb3b271a52b3aec53ab8ad1 Mon Sep 17 00:00:00 2001 From: Mark Linimon Date: Tue, 18 Dec 2012 03:52:50 +0000 Subject: [PATCH] - Document how to export some variables and change some of the initial setup commands to make them cut-and-pasteable. - Document that the new zfsadmin tool creates a zfs permission set to allow the portbuild user to manage the entire volume, thus obviating the need for privilege escalation for that case. - Note that this also means that the background svn update processes no longer need to live in the root crontab. - Document how to fold the exported variables back into server.conf. - Finally, note that the qmanager initial command has also been automated. --- .../articles/portbuild/article.xml | 104 +++++++++++++----- 1 file changed, 79 insertions(+), 25 deletions(-) diff --git a/en_US.ISO8859-1/articles/portbuild/article.xml b/en_US.ISO8859-1/articles/portbuild/article.xml index 8ee914551e..fccf032988 100644 --- a/en_US.ISO8859-1/articles/portbuild/article.xml +++ b/en_US.ISO8859-1/articles/portbuild/article.xml @@ -2820,6 +2820,12 @@ ln -s ../arch/archive/errorlogs arch'*' password. + + Export that value for a later initialization step: + &prompt.root; export PORTBUILD_USER=portbuild + + + Add the following to /boot/loader.conf: console="vidconsole,comconsole" @@ -2981,7 +2987,7 @@ sysutils/zfs-stats Create the mountpoint. - &prompt.root; mkdir -p /a + &prompt.root; mkdir -p ${ZFS_MOUNTPOINT} @@ -2991,22 +2997,40 @@ sysutils/zfs-stats Creating a <application>zfs</application> volume for portbuild -&prompt.root; zpool create a mirror da1 da2 mirror da3 da4 mirror da5 da6 mirror da7 da8 +&prompt.root; zpool create ${ZFS_VOLUME} mirror da1 da2 mirror da3 da4 mirror da5 da6 mirror da7 da8 + + We will define a zfs + permission set below, so that the + portbuild user may administer this + volume without having to have root privileges. + + - - Setting up and configuring the <application>portbuild</application> repository + + Setting up the <application>portbuild</application> repository + + The following steps need to be done as euid root. + + Select an svn repository + and export it. See the + &os; Handbook + for the currently supported list. + &prompt.root; export VCS_REPOSITORY=svn://svn0.us-east.FreeBSD.org + + + Create the portbuild directory: -&prompt.root; mkdir -p /a/portbuild +&prompt.root; mkdir -p ${ZFS_MOUNTPOINT}/portbuild @@ -3014,16 +3038,15 @@ sysutils/zfs-stats Create and mount a new zfs filesystem on it: - zfs create -o mountpoint=/a/portbuild a/portbuild + zfs create -o mountpoint=${ZFS_MOUNTPOINT}/portbuild ${ZFS_VOLUME}/portbuild Set up the directory: -&prompt.root; cd /a/portbuild -&prompt.root; chown portbuild:portbuild . -&prompt.root; chmod 775 . -&prompt.root; ln -sf /a/portbuild /var/portbuild +&prompt.root; chown ${PORTBUILD_USER}:${PORTBUILD_USER} ${ZFS_MOUNTPOINT}/portbuild +&prompt.root; chmod 775 ${ZFS_MOUNTPOINT}/portbuild +&prompt.root; ln -sf ${ZFS_MOUNTPOINT}/portbuild /var/portbuild @@ -3033,19 +3056,29 @@ sysutils/zfs-stats - - Set up an account with subversion config files - installed. Again, we generally use - portbuild. - + + + The next step needs to be done as the + portbuild user. + + - As that user, set up the repository: -&prompt.user; svn checkout svn://svn.freebsd.org/base/projects/portbuild /a/portbuild + set up the repository: +&prompt.user; svn checkout svn://${VCS_REPOSITORY}/base/projects/portbuild ${ZFS_MOUNTPOINT}/portbuild - + + + + + + + Configuring the <application>portbuild</application> files + + + Configure how build slaves will talk to your server by making the following changes to @@ -3111,10 +3144,15 @@ sysutils/zfs-stats Set UPLOAD_DIRECTORY, UPLOAD_TARGET, and - UPLOAD_USER as approprite + UPLOAD_USER as appropriate for your site. + + Set VCS_REPOSITORY to whatever + you chose above. + + Set MASTER_URL to the http URL of your server. This will be stamped into the @@ -3135,6 +3173,13 @@ sysutils/zfs-stats + + As euid root, set up the zfs + permission set: + &prompt.root; ${ZFS_MOUNTPOINT}/tools/zfsadmin + + + For each architecture, follow the steps in . @@ -3165,8 +3210,15 @@ qmanager.sh Initialize the qmanager - database's acl list: -&prompt.root; python /var/portbuild/qmanager/qclient add_acl name=deny_all uidlist= gidlist= sense=0 + database's acl list: + + + This should now be automatically done for you by + the first build command. + + + +&prompt.root; python /a/portbuild/qmanager/qclient add_acl name=deny_all uidlist= gidlist= sense=0 @@ -3180,14 +3232,16 @@ qmanager.sh - Run the following commands manually to create the + As the portbuild user, + run the following commands manually to create the src and ports repositories, respectively: -&prompt.user; sudo /var/portbuild/scripts/updatesnap.ports -&prompt.user; sudo /var/portbuild/scripts/updatesnap +&prompt.user; /a/portbuild/scripts/updatesnap.ports +&prompt.user; /a/portbuild/scripts/updatesnap - These will be periodically run from the root + These will be periodically run from the + portbuild crontab, which you will install below.